当用户尝试登录时,与Student模型的compare方法进行比较的密码不会对其进行哈希处理。
例如,candidatePassword
的值是用户输入的字符串密码,与this.password
进行比较,这是密码的哈希值,因此在控制台中记录wrong password
不确定如何正确修复它。
studentSchema.pre('save', function save(next) {
const student = this;
if (!student.isModified('password')) {
return next();
}
bcrypt.genSalt(10, (err, salt) => {
if (err) {
return next(err);
}
bcrypt.hash(student.password, salt, (err, hash) => {
if (err) {
return next(err);
}
student.password = hash;
next();
});
});
});
ComparePassword
studentSchema.methods.comparePassword = function (candidatePassword) {
bcrypt.compareSync(candidatePassword, this.password, (err, isMatch) => {
if (err) {
return err;
}
return isMatch;
});
};
LocalStrategy
passport.use('local', new LocalStrategy({
usernameField: 'email'
}, async (email, password, done) => {
const userFound = await STUDENT
.findOne({ email: email.toLowerCase() })
.populate([ '_college', 'enrolledClasses' ]);
if (!userFound) {
console.log('User Does Not Exist');
return done(null, false, 'User Does Not Exist');
}
if (!userFound.comparePassword(password)) {
console.log('Wrong Password'); // getting this error
return done(null, false, 'Wrong Password.');
}
return done(null, userFound);
}));
Login
app.post('/auth/login', passport.authenticate('local', {
successRedirect: '/home',
failureRedirect: '/login'
}));
答案 0 :(得分:1)
def _build_url(list_here):
pulls_url = "http://test.com/{}".format("/".join(list_here))
return pulls_url
不接受bcrypt.compareSync
。它返回callback
值。所以:
boolean